Anti Virus

James Wilkinson ubuntu at westexe.demon.co.uk
Thu May 19 12:43:38 UTC 2005


One aspect that the Register article doesn't make clear:

The very few "successful" Linux worms (Ramen:
http://www.sans.org/y2k/ramen.htm and l10n:
http://www.sans.org/y2k/lion.htm) have used remotely-exploitable
security holes to spread. The root problem with the infected machines
was not that they got infected, but that they had programs with known
remote exploits running in the first place. If they had been properly
kept up to date, then they could not have been exploited.

On Linux, at least, the "virus problem" is simply part of the "security
problem" and should be handled as such. If your system is suitably
protected against crackers, it should be protected against worms and
viruses.

Since then, security practice has changed: Linux distributions come with
built-in firewalls, no (or very few) daemons listening to the network by
default, or both. This in itself makes it unlikely that there will be
enough installed remotely-exploitable holes for a future worm to use.

James.

-- 
E-mail address: james | "My aunt's camel has fallen in the mirage."
@westexe.demon.co.uk  |     -- "Soul Music", Terry Pratchett.




More information about the ubuntu-users mailing list